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Jun 26, 1990 



DOCUMENT- IDENTIFIER: US 4937784 A 

TITLE: Distributed interactive processing method in complex system including plural 
work stations and plural host computers and apparatus using the same 



Brief Summary Text (3) : 

In. an interactive processing system such as the time sharing system (TSS) , for the 
user's request issued from a terminal equipment, the syntactical check has been 
effected on the terminal side as described in the JP-A-60-144839 . However, the 
request itself is analyzed in the virtual address space of a host computer to select 
a program satisfying the request in the same space. The selected program first 
arranges the necessary environment, for example, allocates file and effects an OPEN 
processing thereon, and then executes the requested processing. 

Brief Summary Text (10) : 

In the TSS of the conventional technology, although the syntactical check may be 
considered to be achieved in a terminal equipment, the request analysis cannot be 
implemented therein; consequently, there is provided a process ( virtual address 
space ) for each terminal to execute programs therein, namely, the request from a 
terminal is analyzed in the space and the processing environment is established in 
the same space, thereby executing a processing associated with the request. As a 
result, although the TSS is suitable for the irregular job to process various kinds 
of unfixed data, a large load is imposed on the host, which therefore cannot 
simultaneously process the requests from many terminals. 

Brief Summary Text (15) : 

The object can be accomplished by a method in which a plurality of server processes 
( virtual address spaces ) are provided in the host corresponding to the respective 
requested and based on a result of an analysis conducted on a processing request in 
an intelligent terminal, the processing request for other than the intelligent 
terminal is transmitted to a particular server of a particular host corresponding to 
the processing request, thereby enabling the server to execute the processing. 

Current US Original Classification (1) : 
709/104 

Current US Cross Reference Classification (1) : 
709/203 

Current US Cross Reference Classification (2) : 
709/310 
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File: USPT 



Sep 4, 2001 



DOCUMENT- IDENTIFIER: US 6286047 Bl 

TITLE: Method and system for automatic discovery of network services 



Abstract Text (1) : 

A method for identifying services, service elements and dependencies among the 
services and service elements includes executing first and second phases of 
discovery. In the first phase, the services and service elements are detected, as 
well as a first set of dependencies. The second phase is based on results of the 
first phase and is focused upon detecting inter-service dependencies, i.e., 
conditions in which proper operation of one service relies upon at least one other 
service. Various techniques may be used in executing the first phase, including 
accessing information in a domain name service (DNS) of the network to identify 
dependencies, as well as services and service elements. Discovery within the first 
phase may also be based upon recognizing naming conventions. Regarding the second 
phase, one approach to discovering inter- service dependencies is to deploy discovery 
agents implemented in computer software to access content of configuration files of 
applications detected in the first phase. Discovery agents may also be used to 
monitor connections completed via specified service elements detected in the first 
phase, such that other inter- service dependencies are identified. As an alternative 
or additional approach, network probes may be deployed to access information of data 
packets transmitted ted between service elements detected in the first phase, with 
the accessed packet information being used to detect inter-service dependencies. 
When information of the DNS is accessed in the first phase, the information is used 
as a basis for determining at least some of (1) groups of service elements that are 
generally equivalent with respect to executing a particular service within the 
network, (2) hosts supporting virtual hosting, (3) hosts supporting virtual servers, 
and (4) name servers. 
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File: USPT 



Jul 18, 2000 



DOCUMENT- IDENTIFIER: US 6092178 A 

TITLE: System for responding to a resource request 



Abstract Text (1) : 

A trigger is provided in association with a network naming service, such as DNS 
(Domain Name Service) , that handles client requests for an application. The trigger 
comprises a set of executable instructions referenced by a resource record 
associated with an identifier of the application. In response to a client request 
concerning the application, the resource record is retrieved and the instructions 
are executed. In one implementation of a trigger, a DNS server provides load 
balancing among a plurality of servers within a network name space (e.g., domain or 
sub-domain) offering an application program (or replicated service) that is known by 
a virtual server name. A policy is selected for choosing a preferred server from the 
plurality of servers according to a specified status or operational characteristic 
of the application instances, such as the least-loaded instance of the application 
or the instance with the fastest response time. The policy is encapsulated within 
multiple levels of objects or modules distributed among the plurality of servers and 
the DNS server. The objects collect and assemble the servers' status and operational 
characteristics. The information collected by the objects is analyzed to select the 
server that best satisfies the selected policy. A client request for the application 
is received by the DNS server, which retrieves a resource record corresponding to 
the virtual server name. Within the record is the name of a trigger. The trigger is 
executed to select, or retrieve an identity of, a server to which the client request 
is to be directed. 



Current US Cross Reference Classification (1) 
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File: USPT 



Feb 9, 1999 



DOCUMENT- IDENTIFIER: US 5870550 A 

TITLE: Web server employing mult i -homed, moldular framework 



Abstract Text (1) : 

A Web server is provided having a multi -homed, modular framework. The modular 
framework allows extensions to the Web server to be easily compiled into the Web 
server, allowing the extensions to run natively as part of the server instead of 
incurring the overhead typical of CGI scripts, for example. The multi-homing 
capabilities of the Web server provide the appearance to Web users of multiple 
distinct and independent servers, allowing a small company or individual to create 
the same kind of Web presence enjoyed by larger companies. In effect, multiple 
virtual servers run on the same physical machine. The Web server as a whole is 
easily extensible to allow additional capabilities to be provided natively within 
the Web server itself. Furthermore, each virtual server is independently 
configurable in order to turn different capabilities on or off or to modify 
operation of the virtual server . The Web server is also provided with enhanced 
security features, built-in animation capability, and other features that afford 
maximum flexibility and versatility. 

Current US Original Classification (1) : 
709/218 

Current US Cross Reference Classification (2) : 
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File: USPT 



Feb 11, 1997 



DOCUMENT- IDENTIFIER: US 5602992 A 

TITLE: System for synchronizing data stream transferred from server to client by 
initializing clock when first packet is received and comparing packet time 
information with clock 



Abstract Text (1) : 

An apparatus and method for synchronizing multiple independent data streams in a 
networked computer system is disclosed. In a computer network having a plurality of 
computer systems coupled by a communication medium, one of the plurality of computer 
systems being a server system, a different one of the plurality of computer systems 
being a client system, a method for synchronizing a data stream transferred from the 
server system to the client system, the method comprising the steps of: 1) capturing 
information into a data packet, the capturing step being performed by the server 
system; 2) storing time information into the data packet, the time information 
indicating when the capturing step is complete; 3) transferring the data packet to 
the client system across the communication medium; 4) initializing a virtual server 
system clock if the data packet is a first data packet is the data stream; 5) 
retrieving the time information from the data packet; 6) comparing the time 
information with the virtual server system clock; and 7) processing the information 
in the data packet if the time information indicates a time equal to a time 
indicated by the virtual server system clock. The present invention further includes 
the steps of: 1) scheduling processing of the information in the data packet if the 
time information indicates a time later than a time indicated by the virtual server 
system clock; and 2) discarding the data packet if the time information indicates a 
time earlier than a time indicated by the virtual server system clock. 

Current US Original Classification (1) : 
709/248 
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□ 1 . Document ID: US 6374290 Bl 

L7: Entry 1 of 3 File: USPT 



Apr 16, 2002 



DOCUMENT- IDENTIFIER: US 6374290 Bl 
TITLE: Self moderated virtual communities 



Detailed Description Text (4) : 

FIG. 1 illustrates a client server network having virtual servers in accordance with 
one embodiment of the present invention. Client (i.e., user) computers 10-19 
communicate with a Net News Reading Protocol (NNRP) server 50 having a NNRP agent 
55. The NNRP server 50 is a proxy caching server connected to a network 70. The 
network 7 0 may be an intranet, an internet, a wide area network, a local area 
network, or other network configuration. The network 70 is connected to a news 
server 90 containing articles on various topics. One embodiment of an NNRP server 
for receiving news from a news server is disclosed in co-pending U.S. patent 
application entitled, "HYBRID NEWS SERVER," application Ser. No. 09/263,587 filed on 
Mar. 5, 1999 which is incorporated herein by reference. 
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□ 2. Document ID: US 6108701 A 

L7: Entry 2 of 3 



File: USPT 



Aug 22, 2000 



DOCUMENT- IDENTIFIER: US 6108701 A 

TITLE: Soft switch extension for internet protocol applications 



Detailed Description Text (2) : 

With reference now to the figures and in particular with reference to FIG. 2A, a 
simplified schematic of the preferred multiple server embodiment of the present 
invention is depicted. In this embodiment, a plurality of servers 200, 2 02 are 
assigned the same IP address on a local area network ("LAN") 204. A router 206 is 
coupled to the LAN and connects the servers 2 00, 2 02 via an Intranet or Internet 2 08 
to a client computer 210. Also coupled to the LAN is a DNS Server 212 that is used 
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for "name to IP address" translation. The plurality of servers 200, 202 thus appear 
as one logical host (i.e. a virtual server ) 214 to the client 210 and also to the 
DNS Server 212, because the servers 200, 202 share the same IP address and host 
name . 

Current US Original Classification (1) : 
709/224 

Current US Cross Reference Classification (1) : 
709/203 



DOCUMENT- IDENTIFIER : US 5884035 A 

TITLE: Dynamic distributed group registry apparatus and method for collaboration and 
selective sharing of information 

Detailed Description Text (84) : 

Still in FIG. 7a, viewers table 86 contains the list of all valid users or viewers 
at a given client or firm. This table is used to determine if the specified user or 
viewer is a member of the client's intranet and access to that client's intranet 
will only be allowed if the user or viewer is listed in this table. Users or viewers 
entered in this table are allowed access to all client or firm workgroups that are 
common, as specified in the WGmembership field of group table 70. Turning now to 
FIG. 8a, and back to a discussion of domain communications servers, a list of the 
principal domain communications server URLs is shown. As mentioned above, a domain 
communications server is implemented, in a preferred embodiment, using AOLserver 
software, because of its ability to dynamically load shared objects when spawning a 
virtual server . In a preferred embodiment of the present invention, object-oriented 
programming techniques are used, since they allow the creation of procedures for 
objects whose exact type is not known until actual running of the program. Object 
oriented techniques also permit the system implementer to define and use shared 
objects—compiled C++ code that is called by more than one function or program. In 
the AOLserver, for example, which shared object to load is specified to it within an 
initialization file used when starting AOLServer's NSD process. In a preferred 
embodiment of the present invention, the shared object named "domainserver . so" (also 
known as "domainserver.dll" for NT versions) , is designated as the shared object to 
be loaded when the AOLserver is started up. 

Current US Original Classification (1) : 
709/218 

Current US Cross Reference Classification (3) : 
709/205 
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□ 1. Document ID: US 6535491 B2 

L4: Entry 1 of 3 6 



File: USPT 



Mar 18, 2003 



DOCUMENT- IDENTIFIER: US 6535491 B2 

TITLE: Method and apparatus for rapidly reconfiguring computer networks using a 
spanning tree algorithm 

Abstract Text (1) : 

A method that rapidly reconfigures a computer network having a plurality of devices 
executing the spanning tree algorithm. First, one or more devices are configured and 
arranged so that one port, providing connectivity to the root, is in the forwarding 
state and the remaining ports, providing connectivity to the root, are in the 
blocked state. Next, one or more of the blocked ports are designated as back-up 
ports. Upon detection of a failure at the active forwarding port, one of the back-up 
ports immediately transitions from blocked to forwarding, thereby becoming the new 
active port for the device. Following the transition to a new active port, dummy 
multicast messages are transmitted, each containing the source address of an entity 
directly coupled to the affected device or downstream thereof. By examining the 
dummy multicast messages, other devices in the network learn to use to the new 
forwarding port of the affected device. Rapid reconfiguration of the network is also 
provided upon detection of a new or repaired link or device representing a better 
path toward the root. The method is also compatible with networks supporting virtual 
local area network (VLAN) designations and allows load balancing among different 
VLANs . 

Current US Cross Reference Classification (1) : 
709/220 

Current US Cross Reference Classification (2) : 
709/221 

Current US Cross Reference Classification (3) : 
709/239 



DOCUMENT- IDENTIFIER: US 6473803 Bl 

TITLE: Virtual LAN interface for high-speed communications between heterogeneous 
computer systems 




□ 2. Document ID: US 6473803 Bl 

L4 : Entry 2 of 3 6 



File: USPT 



Oct 29, 2002 



Abstract Text (1) : 

Methods and apparatus that enable a first network protocol provider, executing on a 
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first computer system, and a second network protocol provider, executing on a second 
computer system which is directly interconnected to the first computer system, to 
communicate at high speed, with low latency, over the interconnection therebetween 
such that both systems may use their native mechanisms to communicate with each 
other without change in those mechanisms, rather than over conventional network 
communication paths such as Ethernet. An interconnection couples the input/output 
(I/O) subsystem of the first computer system to the I/O subsystem of the second 
computer system such data can be transmitted between the systems, and a virtual LAN 
( " VLAN " ) device driver executing on the second computer system provides an interface 
between the interconnection and the native communications mechanisms of the second 
computer system. The VLAN simulates a conventional network driver such as an NDIS 
Fiber Distributed Data Interface (FDDI) network interface card (NIC) Miniport driver 
to the transport protocol driver TCPIP.SYS on the second computer system and 
exchanges data with the first computer system via a particular line of a LAN station 
group for delivery to and receipt from the first computer system. 

Current US Original Classification (1) : 
709/238 



□ 3. Document ID: US 6460088 Bl 

L4: Entry 3 of 3 6 



File: USPT 



Oct 1, 2002 



DOCUMENT- IDENTIFIER: US 6460088 Bl 

TITLE: Method and apparatus for port vector determination at egress 
Abstract Text (1) : 

An integrated multiport switch operating in a packet switched network provides the 
capability to alter VLAN tags on a port by port basis. An internal rules checker 
(IRC) employs a modular architecture that enables data frames to be processed 
simultaneously and increase data throughput. The IRC further generates a port 
vector, and thereby, outputs a forwarding descriptor that instructs Port Vector FIFO 
logic (PVF) on how to process the data frame. 

Current US Original Classification (1) : 
709/236 



□ 4. Document ID: US 6457058 Bl 

L4 : Entry 4 of 3 6 



File: USPT 



Sep 24, 2002 



DOCUMENT- IDENTIFIER: US 6457058 Bl 

TITLE: Network switch with hash table look up 



Abstract Text (1) : 

An improved look up mechanism for accessing a RAM to obtain forwarding information 
for data frames being transported among ports of a high-performance switch is 
provided. The look up mechanism includes a multi-page look up table and associated 
hashing technique. A media access control (MAC) address and a virtual local area 
network (VLAN) identifier are transformed with a hash function to obtain a hash key. 
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The hash key is an address pointing to a particular entry in the look up table. A 
virtual first page is also derived from the hash key, which selects a particular 
physical page of the look up table to be initially accessed each time that MAC 
address/VLAN pair is used. The look up mechanism may also be used to access a short 
cut table containing Layer 3 short cut information. In either case, ultimately, the 
likelihood is increased that a match will be found on the first RAM access, thus 
maintaining high-speed switch performance. 

Current US Original Classification (1) : 
709/238 

Current US Cross Reference Classification (1) : 
709/245 



□ 5. Document ID: US 6445709 Bl 

L4 : Entry 5 of 3 6 



File: USPT 



Sep 3, 2002 



DOCUMENT- IDENTIFIER: US 6445709 Bl 

TITLE: Method and apparatus for finding a match entry using receive port number 
embedded in the port vector 

Abstract Text (1) : 

A network switch configured for switching data packets across multiple ports uses an 
address table to generated frame forwarding information. The switch receives frame 
information including a source address and destination address along with a virtual 
local area network ( VLAN ) ID, if applicable. A decision-making engine searches a 
network address table to "learn" Medium Access Control (MAC) addresses without 
having to store receive port numbers by embedding the receive port number in the 
stored port vector fields. 

Current US Cross Reference Classification (2) : 
709/236 



□ 6. Document ID: US 6430621 Bl 

L4: Entry 6 of 3 6 



File: USPT 



Aug 6, 2002 



DOCUMENT- IDENTIFIER: US 6430621 Bl 

TITLE: System using different tag protocol identifiers to distinguish between 
multiple virtual local area networks 



Abstract Text (1) : 

A method and apparatus that provides for grouping nodes in multiple VLANs using port 
based VLAN grouping, and explicitly associates one of multiple VLANs with a packet 
transmitted by the nodes, using IEEE 802 . 1Q based frame tagging. A switch receives 
an untagged packet, filters the packet, and based on the contents of the packet, 
inserts a tag header with a common VLAN identifier and a unique tag protocol 
identifier (TPID) . 
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□ 7. Document ID: US 6418480 Bl 

L4 : Entry 7 of 3 6 



File: USPT 



Jul 9, 2002 



DOCUMENT- IDENTIFIER : US 6418480 Bl 

TITLE: Communication packet including a multicast address and a destination address 
different than an equivalent to the multicast address 

Abstract Text (1) : 

A switch is provided for use in a virtual communications system having multiple 
local area networks interconnected by multiple switches through a trunk, which has 
one or more trunk stations connected directly thereto. The switch includes a first 
communications port connected directly to a first local area network and a second 
communications port connected directly to the trunk. The first local area network is 
within a virtual area network configured to include a second local area network and 
a trunk station. A switch control detects a communication from the first local area 
network having a multicast address representing desired destination addresses. The 
switch control appends a VLAN header having a destination address different than but 
corresponding to the multicast address to the communication to form a VLAN 
communication and directs transmission of the VLAN communication to the second 
communication port for delivery to the multicast addressees. 

Current US Original Classification (1) : 
709/245 



□ 8. Document ID: US 6414958 Bl 

L4 : Entry 8 of 3 6 



File: USPT 



Jul 2, 2002 



DOCUMENT- IDENTIFIER: US 6414958 Bl 

TITLE: Four-port secure ethernet VLAN switch supporting SNMP and RMON 



Abstract Text (1) : 

A mult i -port switch is provided having an Ethernet switching section for connecting 
and switching among network devices and includes at least three ports, a network 
management module operating according to SNMP, and a monitoring module operating 
according to RMON. The switch can arrange the ports to operate as virtual local area 
networks ( " VLANs " ) . The switch is secured with a network element that is part of a 
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network device. In a system including the multi-port switch, an automated teller 
machine local area network is connected to one port, a customer data LAN is 
connected to a second port, and a router is connected to a third port. The switch 
arranges the three port connections into two VLANs, each VLAN including the router. 
The switch alternately switches between the VLANs in order to enable the ATM LAN and 
the customer data LAN to communicate with an external network. The switch is secured 
with or located inside one of the ATMs in the ATM LAN. 

Current US Cross Reference Classification (3) : 
709/249 



DOCUMENT- IDENTIFIER: US 6388995 Bl 

TITLE: Method and apparatus for rapidly reconfiguring computers networks executing 
the spanning tree algorithm 



Abstract Text (1) : 

A method that rapidly reconfigures a computer network having a plurality of devices 
executing the spanning tree algorithm. First, one or more devices are configured and 
arranged so that one port, providing connectivity to the root, is in the forwarding 
state and the remaining ports, providing connectivity to the root, are in the 
blocked state. Next, one or more of the blocked ports are designated as back-up 
ports. Upon detection of a failure at the active forwarding port, one of the back-up 
ports immediately transitions from blocked to forwarding, thereby becoming the new 
active port for the device. Following the transition to a new active port, dummy 
multicast messages are transmitted, each containing the source address of an entity 
directly coupled to the affected device or downstream thereof. By examining the 
dummy multicast messages, other devices in the network learn to use to the new 
forwarding port of the affected device. Rapid reconfiguration of the network is also 
provided upon detection of a new or repaired link or device representing a better 
path toward the root. The method is also compatible with networks supporting virtual 
local area network ( VLAN ) designations and allows load balancing among different 
VLANs . 
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Abstract Text (1) : 

A method and apparatus for efficiently searching a forwarding database or similar 
data structure are provided. According to one aspect of the present invention, the 
overall average time required to forward a packet from the ingress port of a network 
device to one or more egress ports may be reduced by attacking the worst case 
forwarding database search. Data is received at a first port of the network device 
and a search key is extracted from the data. Typically the search key includes one 
or more of a source or destination Internet Protocol (IP) address, a souce or 
destination Media Access Control (MAC) address, and/or a Virtual Local Area Network 
(VLAN) tag. Ultimately, the data is forwarded to a second port of the network device 
based upon a matching entry located by the search. The search includes retrieving 
keys from entries of the forwarding database and comparing the search key to the 
keys until a matching entry is located. The retrieval includes causing a pipelined 
memory in which the forwarding database is stored to access memory locations in an 
order that minimizes a worst case search of the forwarding database. For example, a 
request is made to load a first key from memory that is associated with a database 
entry and subsequent requests may be made in a pipelined manner to load subsequent 
keys, whereby the memory is caused to access keys of different entries during 
consecutive clock cycles. 
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TITLE: Address look-up mechanism in a multi-port bridge for a local area network 



Abstract Text (1) : 

An address look-up mechanism in a multi-port bridge for controlling use of a memory 
as a look-up table for appropriately filtering and directing packets. The look-up 
table includes learned look-up tables, permanent look-up tables and linked lists. As 
a data packet originating from a node (source node) is received by a corresponding 
one of the ports (source port) of the multi-port bridge, a look-up cycle and then a 
learning cycle are each performed. During the learning cycle, an identification of 
the source port for the packet is stored in the learned look-up tables in 
association with a hashed node address of the source node. Each existing entry is 
examined to ensure that the appropriate port identification is stored and to 
determine whether two or more nodes share a same hashed node address. If two nodes 
have the same hashed node address, then a linked entry in the linked lists is 
formed. During the look-up cycle, the packet is examined to determine whether it is 
intended for a VLAN group, if the packet is to be broadcast to all nodes of the LAN 
or if the packet is intended for a single destination node. If the packet is 
intended for a VLAN group, the source node address for the packet is utilized to 
access an appropriate entry in the permanent table. If the packet is intended to be 
broadcast to all the nodes of the LAN, the packet is directed to all the ports. If 
the packet is intended for a single destination node, information stored in the 
learned look-up tables during learning cycles for prior packets is utilized to 
identify an appropriate destination port for the packet. 
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TITLE: Multiple VLAN architecture system 



Abstract Text (1) : 

A system in which a single VLAN architecture spans multiple VLAN transport protocols 
and technologies, including a method and system in which multiple different VLANs 



Record List Display 





http://westbrs:8002/bin/cgi-bin/accum_que 



may be combined in a single enterprise network. Each LAN- switch in the system 
identifies each frame with an identifier, and associates that identifier with 
particular VLAN identifiers for each type of VLAN technology. When a frame is 
bridged or routed from a first type of VLAN to a second type of VLAN, the first VLAN 
encapsulation is removed and the second VLAN encapsulation is added, with 
appropriate change in the VLAN identifier for the frame or packet. The identifier 
may also be implicit for the frame, such as when a particular set of sender's MAC 
addresses are identified with a particular VLAN . Individual VLANs, of whatever 
architecture, may be added, configured or reconfigured, modified, or deleted, using 
control tools associated with the multiple VLAN architecture system. Individual 
ports may be associated with particular VLANs, or may be designated "dynamic" so 
that frames or packets associated with those ports are associated with particular 
VLANs in response to source or destination addresses or other information. 
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DOCUMENT- IDENTIFIER: US 6269404 Bl 

TITLE: Virtual network architecture for connectionless LAN backbone 



Abstract Text (1) : 

Network traffic management is achieved based on automatically setting up a plurality 
of virtual networks (VNETs) within a single large virtual LAN . Multicast/broadcast 
traffic is confined to the VNET of the source, without imposing constraints on layer 
two addressing within the virtual LAN . VNETs are domains of users of a virtual LAN 
which include members of logical networks defined at layer three or higher. One 
method includes transferring a multi-destination packet originating from a 
particular node in the virtual LAN by tunnelling across a connectionless backbone 
network to a virtual net server. The virtual net server translates the 
multi -destination packet to a plurality of tunneled messages identifying nodes 
authorized to receive multi -destination packets from members of the particular VNET 
which originated the packet. The tunneled messages are then forwarded from the 
virtual net server to the authorized nodes. This way, multi -destination packets, 
such as advertisement or discovery packets, are confined to a single VNET. By 
confining the multi-destination packets to a single VNET, unicast packets generated 
within the virtual LAN are then also naturally confined to that VNET. 
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TITLE: Look up mechanism and associated hash table for a network switch 



Abstract Text (1) : 

An improved look up mechanism for accessing a RAM to obtain forwarding information 
for data frames being transported among ports of a high-performance switch is 
provided. The look up mechanism includes a multi-page look up table and associated 
hashing technique. A media access control (MAC) address and a virtual local area 
network ( VLAN ) identifier are transformed with a hash function to obtain a hash key. 
The hash key is an address pointing to a particular entry in the look up table. A 
virtual first page is also derived from the hash key, which selects a particular 
physical page of the look up table to be initially accessed each time that MAC 
address/VLAN pair is used. The look up mechanism may also be used to access a short 
cut table containing Layer 3 short cut information. In either case, ultimately, the 
likelihood is increased that a match will be found on the first RAM access, thus 
maintaining high-speed switch performance. 
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TITLE: System and method for automatically setting VLAN configuration information 



Abstract Text (1) : 

An automatic VLAN configuration information setting system comprising an automatic 
VLAN configuration information setting device and one or more switching hubs, for 
setting VLAN configuration information of the switching hubs, is proposed. When a 
terminal is added to or removed from an Ethernet port of a switching hub by the 
user, a VLAN alteration request section of the switching hub detects the event, and 
a VLAN alteration request is transmitted to the automatic VLAN configuration 
information setting device. In a database of the automatic VLAN configuration 
information setting device, VLAN detailed information concerning all the VLANs 
managed by the automatic VLAN configuration information setting device is stored. A 
VLAN configuration instruction text editing section of the automatic VLAN 
configuration information setting device edits a VLAN configuration instruction text 
(an instruction scenario) by referring to the VLAN alteration request and the VLAN 
detailed information. The VLAN detailed information stored in the database is 
updated according to the VLAN configuration instruction text, and the VLAN 
configuration information of the switching hub is updated according to the VLAN 
configuration instruction text, thereby VLAN configuration information of the 
switching hubs is automatically set and updated without efforts by network 
administrators . 
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TITLE: Multiple VLAN Architecture system 



Abstract Text (1) : 

A system in which a single VLAN architecture spans multiple VLAN transport protocols 
and technologies, including a method and system in which multiple different VLANs 
may be combined in a single enterprise network. Each LAN- switch in the system 
identifies each frame with an identifier, and associates that identifier with 
particular VLAN identifiers for each type of VLAN technology. When a frame is 
bridged or routed from a first type of VLAN to a second type of VLAN, the first VLAN 
encapsulation is removed and the second VLAN encapsulation is added, with 
appropriate change in the VLAN identifier for the frame or packet. The identifier 
may also be implicit for the frame, such as when a particular set of sender's MAC 
addresses are identified with a particular VLAN . Individual VLANs, of whatever 
architecture, may be added, configured or reconfigured, modified, or deleted, using 
control tools associated with the multiple VLAN architecture system. Individual 
ports may be associated with particular VLANS, or may be designated "dynamic" so 
that frames or packets associated with those ports are associated with particular 
VLANs in response to source or destination addresses or other information. 
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TITLE: Distributed VLAN mechanism for packet field replacement in a multi-layered 
switched network element using a control field/signal for indicating modification of 
a packet with a database search engine 



Abstract Text (1) : 

A system and method for updating packet headers using hardware that maintains the 
high performance of the network element. In one embodiment, the system includes an 
input port process (IPP) that buffers the input packet received and forwards header 
information to the search engine. The search engine searches a database maintained 
on the switch element to determine the type of the packet. In one embodiment, the 
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type may indicate whether the packet can be routed in hardware. In another 
embodiment, the type may indicate whether the packet supports VLANs . The search 
engine sends the packet type information to the IPP along with the destination 
address (DA) to be updated if the packet is to be routed, or a VLAN tag if the 
packet has been identified to be forwarded to a particular VLAN . The IPP, during 
transmission of the packet to a packet memory selectively replaces the corresponding 
fields, e.g., DA field or VLAN tag field; the modified packet is stored in the 
packet memory. Associated with the packet memory are control fields containing 
control field information conveyed to the packet memory by the IPP. An output port 
process (OPP) reads the modified input packet and the control field information and 
selectively performs additional modifications to the modified input packet and issue 
control signals to the output interface (i.e., MAC). The MAC, based upon the control 
signals, replaces the source address field with the address of the MAC and generates 
a CRC that is appended to the end of the packet. 
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TITLE: System for broadcasting messages to each of default VLAN ports in subset of 
ports defined as VLAN ports 



Abstract Text (1) : 

A data transmission network having a port-based default VLAN that limits flooding to 
other VLANs . The default VLAN receives a data packet, ascertains the destination 
address of the packet, and then determines if the destination port is one of the 
default VLAN ports. The data packet is transmitted to the destination port if it is 
one of the default VLAN ports, or to each of the default VLAN ports if the 
destination port is not one of the default VLAN ports . The data packet is not 
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transmitted to any other non-default VLAN port. 
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TITLE: Virtual local network for sending multicast transmissions to trunk stations 



Abstract Text (1) : 

A switch is provided for use in a virtual communications system having multiple 
local area networks interconnected by multiple switches through a trunk, which has 
one or more trunk stations connected directly thereto. The switch includes a first 
communications port connected directly to a first local area network and a second 
communications port connected directly to the trunk. The first local area network is 
within a virtual area network configured to include a second local area network and 
a trunk station. A switch control detects a communication from the first local area 
network having a multicast address representing desired destination addresses. The 
switch control appends a VLAN header having a destination address different than but 
corresponding to the multicast address to the communication to form a VLAN 
communication and directs transmission of the VLAN communication to the second 
communication port for delivery to the multicast addressees. 
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TITLE: Internetworking router 



Abstract Text (1) : 

The object of the present invention is to accommodate physical segments of LANs into 
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a switching hub substituting them for virtual LANs without modifying software of 
terminals or setting of the terminal and provide a routing function of the third 
layer without deteriorating the degree of freedom in virtual LAN setting of the 
switching hub. The internetworking router of the present invention includes LAN 
controlling means 1, packet memory 2, bridge processing means 3, table memory 4, 
routing processing means 5, table memory 6, free buffer queue 7, reception buffer 
queue 8 and transmission buffer queue 9 between LAN controlling means 1 and bridge 
processing means 3, and reception buffer queue 10 and transmission buffer queue 11 
between bridge processing means 3 and routing processing means 5. Table memory 4 
includes bridge group table 41 and address learning tables 42. sub. 1 to 42. sub. n. 
Table memory 6 includes routing table 61 and ARP table 62 . 
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DOCUMENT- IDENTIFIER: US 6085238 A 
TITLE: Virtual LAN system 



Abstract Text (1) : 

A virtual LAN system forms a virtual group which is based on elements having 
physical attribute or logical attribute and constituting a virtual LAN, sets a 
client address and priority of the virtual group in a virtual group registration 
table, and allocates unicast and broadcast traffic bands in group units. 
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TITLE: Network device for supporting construction of virtual local area networks on 
arbitrary local and wide area computer networks 



Abstract Text (1) : 

A network device that translates addresses of machines on physically separate 
networks and filters packets at the link, network and transport layers implements a 
virtual LAN over interconnected computer networks transparent to the computer 
networks. Using authentication and encryption, a secure connection between these 
network devices over a public wide area network implements a virtual private network 
and enables the definition of virtual LANs over the virtual private network. The 
network device has three tables for network address translation, routing, and 
filtering. A controller processes each incoming packet by translating network 
addresses to determine the destination of the packet, routing the packet to the 
determined location and filtering the packet according to filters defined for 
traffic between the source destination of the packet. If the packet is to be 
directed to a wide area network, encryption and authentication procedures can be 
provided to ensure secure transmission of the packet. 
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DOCUMENT- IDENTIFIER: US 6041358 A 

TITLE: Method for maintaining virtual local area networks with mobile terminals in 
an ATM network 

Abstract Text (1) : 

A method and system are provided for implementing virtual local area networks 
( VLANs ) over ATM using LAN over ATM emulation technology. Server nodes which provide 
address registration/resolution and which enable multicast and broadcast routing on 
each VLAN are interconnected into multiple trees. The root server nodes of each tree 
are interconnected according to a hypercube topology. Data structures for 
maintaining the locations and routing information of mobile terminals is provided. 
Methods for constructing and updating the data structures when a mobile terminal 
moves from location to another also provided. Methods are also provided for routing 
packets using the data structures to and from mobile terminals. 
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DOCUMENT -IDENTIFIER: US 6041166 A 

TITLE: Virtual network architecture for connectionless LAN backbone 



Abstract Text (1) : 

Network traffic management is achieved based on automatically setting up a plurality 
of virtual networks (VNETs) within a single large virtual LAN . Multicast/broadcast 
traffic is confined to the VNET of the source, without imposing constraints on layer 
two addressing within the virtual LAN . VNETs are domains of users of a virtual LAN 
which include members of logical networks defined at layer three or higher. One 
method includes transferring a multi -destination packet originating from a 
particular node in the virtual LAN by tunnelling across a connectionless backbone 
network to a virtual net server. The virtual net server translates the 
multi-destination packet to a plurality of tunneled messages identifying nodes 
authorized to receive multi -destination packets from members of the particular VNET 
which originated the packet. The tunneled messages are then forwarded from the 
virtual net server to the authorized nodes. 

Abstract Text (2) : 

This way, multi-destination packets, such as advertisement or discovery packets, are 
confined to a single VNET. By confining the multi-destination packets to a single 
VNET, unicast packets generated within the virtual LAN are then also naturally 
confined to that VNET. 
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TITLE: Virtual LAN system 



Abstract Text (1) : 

By providing a plurality of virtual LAN's such that ports communicating according to 
one protocol are grouped and communication is performed between the ports in the 
group, a communication is possible according to a plurality of protocols and it is 
possible to enter into other virtual LAN's than a virtual LAN to which a connection 
is made. 
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DOCUMENT- IDENTIFIER : US 6035405 A 
TITLE: Secure virtual LANs 



Abstract Text (1) : 

The present invention discloses a method for securely adding a new end station to a 
local area network (LAN) segmented into a number of virtual local area networks 
( VLANs ) . The invention is applicable to various types of LANs such as Ethernet and 
token ring. The LAN comprises an authentication server (AS) which interacts with 
each new end station before connection to a VLAN is allowed. The method involves the 
AS administering a test to the new end station, which may involve prompting the new 
end station for a password or asking it to encrypt a given number using a secret 
algorithm known only to the new end station and to the AS. The AS examines the 
results of this test and determines whether the new end station is permitted to join 
the VLAN . For added security, the new end station can verify authenticity of the AS 
by administering a test of its own, which may consist of prompting the AS for a 
password of its own or asking it to encrypt a new number, the new end station 
subsequently determining whether the AS is indeed genuine before beginning to 
transmit any further information. In this way, an end station cannot join a VLAN 
without authentication by the AS and a legitimate end station can verify whether the 
test it is asked to pass comes from a legitimate source, thereby avoiding network 
security breaches. 

Current US Cross Reference Classification (1) : 
709/227 



DOCUMENT- IDENTIFIER: US 6035105 A 
TITLE: Multiple VLAN architecture system 



Abstract Text (1) : 

A system in which a single VLAN architecture spans multiple VLAN transport protocols 
and technologies, including a method and system in which multiple different VLANs 
may be combined in a single enterprise network. Each LAN- switch in the sytem 
identifies each frame with an identifier, and associates that identifier with 
particular VLAN identifiers for each type of VLAN technology. When a frame is 
bridged or routed from a first type of VLAN to a second type of VLAN, the first VLAN 
encapsulation is removed and the second VLAN encapsulation is added, with 
appropriate change in the VLAN identifier for the frame or packet. The identifier 
may also be implicit for the frame, such as when a particular set of sender's MAC 
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addresses are identified with a particular VLAN . Individual VLANs, of whatever 
architecture, may be added, configured or reconfigured, modified, or deleted, using 
control tools associated with the multiple VLAN architecture system. Individual 
ports may be associated with particular VLANs, or may be designated "dynamic" so 
that frames or packets associated with those ports are associated with particular 
VLANs in response to source or destination addresses or other information. 
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DOCUMENT- IDENTIFIER: US 6032194 A 

TITLE: Method and apparatus for rapidly reconfiguring computer networks 



Abstract Text (1) : 

A method that rapidly reconfigures a computer network having a plurality of devices 
executing the spanning tree algorithm. First, one or more devices are configured and 
arranged so that one port, providing connectivity to the root, is in the forwarding 
state and the remaining ports, providing connectivity to the root, are in the 
blocked state. Next, one or more of the blocked ports are designated as back-up 
ports. Upon detection of a failure at the active forwarding port, one of the back-up 
ports immediately transitions from blocked to forwarding, thereby becoming the new 
active port for the device. Following the transition to a new active port, dummy 
multicast messages are transmitted, each containing the source address of an entity 
directly coupled to the affected device or downstream thereof. By examining the 
dummy multicast messages, other devices in the network learn to use to the new 
forwarding port of the affected device. Rapid reconfiguration of the network is also 
provided upon detection of a new or repaired link or device representing a better 
path toward the root. The method is also compatible with networks supporting virtual 
local area network ( VLAN ) designations and allows load balancing among different 
VLANs . 
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DOCUMENT- IDENTIFIER: US 6023563 A 

TITLE: Networking switch having the network presence of a bridge 



Abstract Text (1) : 

A Network Switch and related method are disclosed for handling large amounts of 
internetwork message traffic employing internetwork protocols in a way substantially 
as efficient as a bridge handles network traffic within a network without the 
complexity and expense related to employing a full router. The Network Switch 
features database means for correlating MAC addresses, network addresses, network 
switch port addresses and VLAN configuration. The Network Switch maintains the 
network presence of a bridge (i.e., it does not have its own MAC or network address) 
and operates promiscuously by having internetwork traffic travel through the Network 
Switch and entering address data of the data packets. The Network Switch thus learns 
the network topology and subsequently redirects and re-addresses packets addressed 
to a router and transmits them to their destination MAC address. In this way, the 
workload on the router is greatly reduced. Any packet having an unknown address is 
forwarded to the router as originally sent. The related method discloses an 
internetwork configuration featuring a plurality of networks connected with at least 
one Network Switch device and at least one router, and serves to alleviate the 
workload which had been placed entirely on the router according to prior art 
configurations. The Network Switch also features various modes of operation for 
handling address resolution requests. 

Current US Original Classification (1) : 
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DOCUMENT -IDENTIFIER: US 6016318 A 

TITLE: Virtual private network system over public mobile data network and virtual 
LAN 



Abstract Text (1) : 

In a virtual private network system accessed by an internet, a virtual local area 
network (LAN) is connected to a LAN emulation server and IAN emulation clients, and 
a router is connected between the internet and the virtual LAN . Also, a public 
mobile data network is connected to a location register and mobile data subscriber 
processing units, and a data gateway is connected between the internet and the 
public mobile data networks Further, a virtual private network gateway is connected 
between the virtual LAN and the public mobile data network. A mobile data terminal 
having one IP address and one public network address and can be connected to either 
one of the LAN emulation clients or one of the mobile data subscriber processing 
units . 
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DOCUMENT- IDENTIFIER: US 5968126 A 

TITLE: User-based binding of network stations to broadcast domains 



Abstract Text (1) : 

A broadcast or multicast message from a network station is forwarded only to 
stations in the same virtual broadcast domain (VBD) as the sending station. In some 
embodiments, a VBD is virtual network ( VLAN ) or a workgroup (a group of stations, 
possibly within a VLAN ) . A membership of a network station in a VBD is determined 
based on the user who logged on to the station. When the station is first powered 
up, it is bound to a "default" VBD. When a user logs on, the VBD(s) assigned to the 
user are determined, and the user's station is switched to the VBD(s). When the user 
logs off, the user's station is returned to the default VBD. 
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DOCUMENT- IDENTIFIER: US 5920699 A 

TITLE: Broadcast isolation and level 3 network switch 



Abstract Text (1) : 

A network switch comprising a switching Application Specific Integrated Circuit 
(ASIC) and a Virtual Switching Engine (VSE) connected to a plurality of ports. The 
switching ASIC has a high-speed memory table which enables it to look up addresses 
that it has previously obtained and to forward unicast packets to said addresses. 
The VSE is a CPU that makes switching decisions outside of the ASIC and keeps track 
of any unknown addresses, forwarding the packets out the appropriate ports and 
answers broadcast packets by proxy for all known addresses without forwarding any of 
the packets down the VLANs, thereby freeing the VLAN bandwidth from excessive 
traffic. The system requires no user configuration because the switching methodology 
is self-adaptive to the network in which it is inserted and has the ability to 
perform router functions such as level 2 and 3 switching, spanning tree protocols 
and compatibility with Internetwork Packet and Internetwork Packet Exchange 
networks . 
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TITLE: Virtual local area network memory access system 



Abstract Text (1) : 

A VLAN memory access system to provide VLAN address table look-ups with the ability 
to simultaneously do processor read cycles or processor write cycles to the same 
memory structure with anatomical accesses. The system encompasses the interaction 
between a memory look-up table that stores the slot allowed transition bit mask for 
a multi-slot hub based VLAN switch, a switch processor interface that is used to 
upgrade the memory access table by writing entries into the table or reading the 
table to verify its contents, and a look-up processor that uses the VLAN table to 
make forwarding decisions on the destination of a packet based on the value read 
from the VLAN memory look-up table. The VLAN table accesses must be arbitrated 
between the look-up processor, which has the highest priority, and read or write 
accesses from the switch processor. The look-up processor takes the VLAN ID field of 
a packet and uses this as the address of the slot allowed transmit bit mask to be 
applied to the destination slot bit mask. This logical AND function is used to 
determine the final bit mask of slots that will receive this packet. 
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DOCUMENT- IDENTIFIER: US 5892912 A 

TITLE: Method of managing virtual networks using a virtual network identifier 



Abstract Text (1) : 

A method is provided for managing virtual networks wherein switching hubs, each 
having ports to which nodes are respectively connected and having a bridging 
function, are interconnected via an ATM network, and predetermined ones of the ports 
of the switching hubs are grouped in order to construct virtual LANs . Data from a 
source node is transmitted to nodes belonging to the same group as the source node. 
A VLAN server, which stores MAC addresses of these nodes and VLAN identifiers in 
association with each other, is connected to the ATM network and collectively 
manages all nodes by means of the MAC addresses. The switching hub makes an inquiry 
for a VLAN identifier, and reconstructs or modifies the VLAN in accordance with a 
VLAN identifier responded from the VLAN server. 
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TITLE: Dynamic reconfiguration of network device's virtual LANs using the root 
identifiers and root ports determined by a spanning tree procedure 



Abstract Text (1) : 

A system and method of configuring VLANs of a multiple port bridging device by 
merging potentially conflicting VLANs . One or more VLANs are first defined by the 
user, and equivalent and subset VLANs are merged. The spanning tree procedure is 
then performed to determine a root identifier and a root port for each VLAN . The 
root identifier of each VLAN is compared with the other VLANs , and if equal, the 
root ports of the two VLANs are compared. If the root identifiers are the same and 
if the root ports are different for any two VLANs , the two VLANs are merged into a 
new VLAN . To merge two VLANs , all of the ports of both VLANs are combined to define 
a new VLAN . Preferably, each VLAN is compared with every other VLAN in this manner. 
The spanning tree procedure is then executed for the new VLAN, which is then 
compared to the other VLANs in the same manner. Furthermore, if the root identifiers 
and the root ports are equal, then it is determined if any shared port of the two 
VLANs is blocked for one and not the other. If so, the two VLANs are merged into a 
new VLAN . 
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DOCUMENT- IDENTIFIER: US 5752003 A 

TITLE: Architecture for managing traffic in a virtual LAN environment 
Abstract Text (1) : 

Network traffic management is achieved based on automatically setting up a plurality 
of virtual networks (VNETs) within a single large virtual LAN . Multicast/broadcast 
traffic is confined to the VNET of the source, without imposing constraints on layer 
two addressing within the virtual LAN . VNETs are domains of users of a virtual LAN 
which include members of logical networks defined at layer three or higher. One 
method includes transferring a multi -destination packet originating from a 
particular node in the virtual LAN by a point-to-point path to a virtual net server. 
The virtual net server translates the multi-destination packet to a plurality of 
directed messages identifying nodes authorized to receive multi -destination packets 
from members of the particular VNET which originated the packet. The directed 
messages are then forwarded from the virtual net server to the authorized nodes. 
This way, multi -destination packets, such as advertisement or discovery packets, are 
confined to a single VNET. By confining the multi -destination packets to a single 
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